University of Minnesota Duluth
People | Departments | Search UMD

Information Technology Systems and Services

System Status

Friday, May 16

No problems reported at this time.

View scheduled updates

Sign up for email notice

"Change your password" email: Real or scam?
04.04.08: Recently, the University of Minnesota started an initiative to increase security by expiring all Internet passwords after one year. Internet passwords are used for most common online applications such as e-mail, wireless access, course registration, UMCal, and pay statements. The University has been sending email notices to students, faculty and staff who have a password about to expire with instructions on how to reset it.
Unfortunately, a number of faked emails have also been circulating to universities across the country that also request the user to update their "University" account by clicking on a link or replying to the email. If a person replies, the account information is then used to send large amounts of spam. Several UMD accounts have already been compromised in this manner.
So, how can you tell the real email from the fake email?
  • The University will never ask you to reply to an email with your password. You will always be asked to go to the University's web site to change your password. Here's one way to get there from the ITSS Home page (www.d.umn.edu/itss/)
    • Under Services, click on the "Email" link.
    • Under Quick Links, click on the "Change your Internet password" link.
  • Check the "From" and "Reply to" addresses for obvious imposters, although these can be faked to look legitimate as well. Some of the recent emails came from "yahoo" accounts, for example.
  • Don't click on links in an email without verifying that it's a legitimate University web site.
  • If you receive a phishing email that targets University email users, report it to abuse@umn.edu.
  • If you have questions or concerns about an email you receive, please contact the ITSS Help Desk (726-8847).
For reference, below are a few of the recent scams:
  • 04.04.08 Subject line: "Update Your Email Address"
    This fake email includes a spoofed address (UMN Email Admin<mailadmin@umn.edu>) and a link to a malicious web site.
  • 03.29.08 Subject line: "Account Reactivation"
    This fake emails asks for your University email account, password, date of birth and your country.
  • 01.30.08 Subject line: "VERIFY YOUR UMN (or EMAIL) ACCOUNT NOW"
    This fake email asks for your UMN email account and password.
For more details, see: University Internet passwords set to expire yearly
UMCal archiving begins
01.15.08: Beginning Feb. 1, the Office of Information Technology (OIT) will archive UMCal user data older than 18 months. The archived data will be stored in a standards-based file format for a minimum of seven years. Customers can request their calendar archives from the UMCal Support Group. The archiving is being done to increase system performance and to provide a clear retention policy. Additional information is available at: UMCal Archiving.
New Infection Alert: Fake Codecs
01.10.08: This holiday season, fake codecs for video players were among the biggest computer threats. Folks downloading codecs needed for video players found themselves victim to viruses, malware, and the like. (A codec is software that is used to compress or decompress a digital media file, such as a song or video). Please keep your computer safe! Visit the ITSS Virus and Security Information web site for the latest news, links, and assistance for keeping your computer clear.
New emergency text alert system
10.22.07 The University of Minnesota Duluth has established a new service to send text messages to cellular telephones in case of an emergency or weather-related campus closing. For more information or to sign up, see: Emergency text alerts.

News Archive